-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-EN-17:06.hyperv                                         Errata Notice
                                                          The FreeBSD Project

Topic:          Boot compatibility improvements with Azure VMs

Category:       core
Module:         hyperv/storvsc
Announced:      2017-07-12
Credits:        Microsoft OSTC
Affects:        FreeBSD 10.3
Corrected:      2016-10-19 08:45:19 UTC (stable/10, 10.3-STABLE)
                2017-07-12 08:07:55 UTC (releng/10.3, 10.3-RELEASE-p20)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.

I.   Background

Hyper-V is a default hypervisor provided on Windows server by Microsoft.
The ATA driver is the legacy storage driver for FreeBSD on Hyperv; now they
are replaced by a synthetic driver which has better performance.

There are issues when attaching multiple synthetic storage drivers for
FreeBSD 10.3 on some of Hyper-V hosts.

The CD/DVD cannot be detected in some circumstances which causes provisioning
fail on Azure.

II.  Problem Description

The disk INQUIRY response is not complete for FreeBSD 10.3 on some
Hyper-V hosts, which will cause the disks to be detached during boot.

An interrupt is missing if we allow intr_shuffle_irqs on Hyper-V.

III. Impact

FreeBSD 10.3 can not be boot properly on a guest system on Hyper-V host.

IV.  Workaround

No workaround is available, however systems not running within Hyper-V or
Azure are unaffected.

V.   Solution

Perform one of the following:

1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.

A reboot is required.

2) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

A reboot is required.

3) To update your system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/EN-17:06/hyperv.patch
# fetch https://security.FreeBSD.org/patches/EN-17:06/hyperv.patch.asc
# gpg --verify hyperv.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.

VI.  Correction details

The following list contains the correction revision numbers for each
affected branch.

Branch/path                                                      Revision
- -------------------------------------------------------------------------
stable/10/                                                        r307623
releng/10.3/                                                      r320912
- -------------------------------------------------------------------------

To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212721>

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-17:06.hyperv.asc>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.21 (FreeBSD)

iQIzBAEBCgAdFiEEHPf/b631yp++G4yy7Wfs1l3PaucFAllmPAEACgkQ7Wfs1l3P
aucYWA/+MnvacneOAPWlxl5EoZClil8fFLfXvnWocUOxrdKEFdCDR4Kro/a4BvUz
gyj6H5sKvM1j3laRZGsUDrK8iQyBwtYSmanCZvRHNau7OHNqy2gbbJaeDN6APy/j
Jyp+GrIQa+o3+m15VuC8gZzbobNkdGwp7IS4gBDRC/u804Rij+DG0RMiUF0uZhxX
n2JPTmsAKUls1o2H+02gLseDaNGMHkFGv9vGp4s9L6RZHLLcSrw9gYwLZYCb0tFE
OyJzpZSSzvXjMprjAD+Ay2CIR2WHSqaxfs2jK4pqwbZnE9mIsW6wm+4FaH+ZLbzO
KeMgP9f6T4WByQQEw66fSYufepC4qVDZnmeRwNph6nvv3bgqlpueceq5M+pZMM7k
UvEH7I2nNfpAvtM5uzFOqyNNMuMwkLcLm10o/3AXumLKAL2Co5xsiViotryhB/mb
XP3l9zvt6uwIlYwOJ0r2i0bbtGrtUZml74iBJU5Wu4ItztWOeCRJCosk+dbc2YZW
uYOGwopo5n0SzypWG3CdZpSlhrvKwJrlEFLK6pHXYzC4gL8Wlqw8b/OMeu/yCvH8
MLRsitGiRK5sSSAitLjDqfRbxULq0o5F2K/OKRZw3LHL2m0Z+HNI0B68RTfhXp5U
w3QQk20/7A2Au5Tgv9ihmCE7C7TdOYyNaN6n974kZUfaH6ggsmY=
=ycJf
-----END PGP SIGNATURE-----
